CISA’s Scanner Identifies Web Services Impacted By Log4J Flaw

Share post:

The Cybersecurity and Infrastructure Security Agency (CISA) introduced the Log4J scanner, which will help identify web services affected by two Log4j flaws (CVE-2021-44228 and CVE-2021-45046).

The tool, based on an automated scanning framework developed by cybersecurity firm FullHunt, allows security teams to scan network hosts for two main actions, including Log4j RCE exposure and detection of web application firewall (WAF) bypasses that can allow attackers to execute code within an organization’s network.

Notable features of the Log4j scanner include support for lists of URLs, fuzzing for more than 60 HTTP request headers, fuzzing for HTTP Post Data parameters, fuzzing for JSON data parameters, DNS callback support for vulnerability discovery and validation, and WAF Bypass payloads.

These and many more are some of the efforts of CISA to mitigate attacks resulting from the successful exploitation of the Log4j flaw.

For more information, read the original story in BleepingComputer.

SUBSCRIBE NOW

Related articles

Researchers Jailbreak DeepSeek AI, Expose System Prompt and Raise Security Concerns

Security researchers at Wallarm have successfully jailbroken DeepSeek, a recently released open-source AI model from China. The jailbreak...

New SMS Phishing Scam Targets U.S. Toll Road Users with Fake Payment Alerts

Brian Krebs of the Krebs on Security blog did a big piece leading with how residents across the...

DeepSeek vs. OpenAI: The AI Arms Race Gets Messy: Hashtag Trending for Thursday, January 30th, 2025

DeepSeek vs. OpenAI: The AI Arms Race Gets Messy, Even More Competition in AI, and Frustrated Website Owners...

DeepSeek – New AI Under Attack: Cyber Security Today for January 29, 2025

DeepSeek Cyberattack Exploits Growth Challenges in AI Platforms, Leadership Vacuums in U.S. Cybersecurity Oversight Put Critical Reviews at Risk,...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways